medium
5.3
CWE
754
Advisory Published
Updated

CVE-2024-32867: Suricata's defrag contains various issues leading to policy bypass

First published: Tue May 07 2024(Updated: )

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, various problems in handling of fragmentation anomalies can lead to mis-detection of rules and policy. This vulnerability is fixed in 7.0.5 or 6.0.19.

Credit: security-advisories@github.com

Affected SoftwareAffected VersionHow to fix
OISF Suricata>=6.0.0<6.0.19
OISF Suricata>=7.0.0<7.0.5

Remedy

https://github.com/OISF/suricata/commit/1e110d0a71db46571040b937e17a4bc9f91d6de9

Remedy

https://github.com/OISF/suricata/commit/2f39ba75f153ba9bdf8eedc2a839cc973dbaea66

Remedy

https://github.com/OISF/suricata/commit/414f97c6695c5a2e1d378a36a6f50d7288767634

Remedy

https://github.com/OISF/suricata/commit/bf3d420fb709ebe074019a99e3bd3a2364524a4b

Remedy

https://github.com/OISF/suricata/commit/d13bd2ae217a6d2ceb347f74d27cbfcd37b9bda9

Remedy

https://github.com/OISF/suricata/commit/e6267758ed5da27f804f0c1c07f9423bdf4d72b8

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-32867?

    CVE-2024-32867 is classified as a vulnerability that can lead to mis-detection of rules in the Suricata network security software.

  • How do I fix CVE-2024-32867?

    To fix CVE-2024-32867, upgrade Suricata to versions 7.0.5 or 6.0.19 or later.

  • What versions of Suricata are affected by CVE-2024-32867?

    Suricata versions prior to 7.0.5 and 6.0.19 are affected by CVE-2024-32867.

  • What types of issues does CVE-2024-32867 cause?

    CVE-2024-32867 causes various problems in handling fragmentation anomalies, leading to mis-detection of rules and policies.

  • Is there a workaround for CVE-2024-32867?

    There are no known workarounds for CVE-2024-32867; upgrading to the patched versions is recommended.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203